System and method for authentication

ABSTRACT

A device, system and method may aid in authenticating an applicant wishing to establish a relationship such as a bank account, credit card, or other relationship with an institution. Applicant information may be sent to a second institution, which may determine whether or not the applicant has a relationship (e.g. account) with the second institution; based on this determination the identity of the applicant may be authenticated.

RELATED APPLICATION DATA

The present application claims benefit from prior provisionalapplication Ser. No. 60/502,297 entitled “SYSTEM AND METHOD FORAUTHENTICATION”, filed on Sep. 12, 2003, incorporated be referenceherein in its entirety.

FIELD OF THE INVENTION

The present invention relates to identity or other authentication; morespecifically the present invention may be used, for example, inauthenticating parties in a transaction.

BACKGROUND

Stolen identities, stolen identification information, or fictitiousidentification information may be used in order to fraudulentlyestablish and use relationships, such as to open financial accounts,gain access to them and withdraw funds from them, or otherwise make useof them. Such fraud may be performed by taking over an individual'sidentification details (such as name, date of birth or social securitynumber, “SSN”), and posing as such individual, effectively “taking overits identity” (sometimes referred to as “identity theft”), or bycreating a new identity (for example a newly invented identity, anidentity based on a collection of stolen identification information ofvarious individuals (sometimes referred to as “identity fraud”)).

The cost of such fraudulent activity is estimated at billions of dollarsannually. The costs extend beyond financial losses to the loss ofprivacy and much inconvenience suffered by individual victims. Currentlythere are two main approaches to reducing identity fraud and theft, aswell as to reducing their impact and costs. Some systems are intended todetect that fraud has actually taken place—these include primarily frauddetection systems, which aim to identify suspicious patterns ofactivity, and flag such activity. Such systems can be implementedinternally by financial institutions, or resorted to as an externalservice by banks. The earlier the fraud is detected, the lesser are itscosts. In addition, use is made of various types of databases toauthenticate the identity of individuals seeking to open new financialaccounts. These may include for example credit bureaus as well as othercentralized databases.

Current systems have shortcomings. Fraud detection systems may respondonly to a pattern, and therefore may not be able to identify singleproblematic transactions. Centralized databases may be susceptible tofraud once fraudsters gain access to certain data elements, andtherefore cannot always differentiate between a true user and thefraudster. While credit bureaus have access to a wide variety offinancial information, the access to that information may be open tofraudsters who pose as service providers who require access to the data.Moreover, sometimes the information collected by the credit bureaus istoo complex to use as a basis for authentication, as honest individualsmay not recall for example the size of installments they had previouslypaid on a loan. Other shortcomings exist. For example many existingsolutions may require advance registration by those wishing to enter atransaction, and existing solutions may not be able to accommodate faceto face encounters for validation.

BRIEF DESCRIPTION OF THE DRAWINGS

The subject matter regarded as the invention is particularly pointed outand distinctly claimed in the concluding portion of the specification.The invention, however, both as to organization and method of operation,together with objects, features and advantages thereof, may best beunderstood by reference to the following detailed description when readwith the accompanied drawings in which:

FIG. 1 depicts an authentication system according to one embodiment ofthe present invention; and

FIG. 2 is a flowchart depicting a method according to an embodiment ofthe present invention.

It will be appreciated that for simplicity and clarity of illustration,elements shown in the figures have not necessarily been drawn to scale.Further, where considered appropriate, reference numerals may berepeated among the figures to indicate corresponding or analogouselements.

DETAILED DESCRIPTION

In the following detailed description, numerous specific details are setforth in order to provide a thorough understanding of the invention.However it will be understood by those of ordinary skill in the art thatthe present invention may be practiced without these specific details.In other instances, well-known methods, procedures, components andcircuits have not been described in detail so as not to obscure thepresent invention. Various modifications to the described embodimentswill be apparent to those with skill in the art, and the generalprinciples defined herein may be applied to other embodiments. Thepresent invention is not intended to be limited to the particularembodiments shown and described.

Embodiments of the current invention may enable providers (which may bereferred to herein as for example institutions or Transaction Providers)of services or transactions that carry financial consequences, personalidentity related consequences, or any other consequences to authenticatethe identity of the individual or company which is attempting to accesssuch service or perform such transaction (which may be referred toherein for example an applicant or Transaction Performer).

In one embodiment, institutions or Transaction Providers may find outwhether there exist other institutions or Transaction providers who havea previous or preexisting relationship (which may be termed QualifyingRelationship, the institutions having such relationships possibly beingtermed “Previous Qualifying Providers”) with the applicant orTransaction Performer, and utilize Identifying Details, information orvalidation documents (such as for example, an ATM or debit card and aPIN, and their association with identification details such as a SocialSecurity Number (“SSN’) or a combination of name and date of birth)associated with Previous Qualifying Providers in order to validate theidentity of the applicant. The fact that a reputable entity has aworking or ongoing relationship with an applicant may be evidence thatthe applicant is authentic and reputable.

A process according to some embodiments may allow an applicant toproceed with creating an account or other relationship at a firstinstitution only if the second institution verifies that the applicanthas a valid preexisting relationship with the second institution. Thisis not to say that the applicant is prevented from opening an account orestablishing a relationship altogether—a process may allow or prevent anapplicant from establishing a relationship via a certain path. Anapplicant may establish a relationship with an institution via another,more traditional, method. A process according to some embodiments mayallow an applicant's identity to be validated based on a preexistingrelationship with an institution; this identity may be used to permit anapplicant to establish another relationship, but need not be.

Verification in some embodiments may only be performed if a preexistingrelationship has certain characteristics. For example, the TransactionProvider or an intermediate party such as a verification service maydetermine whether or not a relationship is for example a QualifyingRelationship based on parameters such as the term of the relationship,the type and velocity of transactions performed as part of therelationship, and whether there has been established shared secrets aspart of such relationship.

In one embodiment of the current invention the creation of a sharedsecret with a former transaction provider may be an element indetermining whether such relationship qualifies, together with otherqualifying elements, or without them. For example, a PIN numberassociated with a debit card, as well as other passwords, usernames andsecret codes could serve to qualify such a relationship.

Embodiments of the invention may offer a higher degree of assurance asto an individual's identity, and may reduce the use of stolenidentities, stolen identification information, or fictitiousidentification information in order to fraudulently open financialaccounts, gain access to them and withdraw funds from them, or otherwisemake use of them. Embodiments of the present invention may not requireadvance registration of institutions, and may accommodate face to faceencounters as well as Internet, ATM or telephone based transactions.Different or additional benefits may be realized. In some embodiments athird party authentication service may be in contact with both aninstitution with which an applicant wishes to establish a relationshipand a second, preexisting institution. The third party need not howevercontact the preexisting institution; the third party service may contacta different institution, use an internal database, etc. Further, inother embodiments, a third party authentication service separate fromthe institutions involved need not be used.

Given that in a many cases, individuals who wish to perform atransaction (such as for example open a new financial account, modify anexisting one, apply for a credit card, apply for a loan) already have apre-existing relationship with a different transaction provider, suchindividuals may also have a shared secret with such transactionprovider. In one embodiment of the current invention such shared secretmay be a PIN number associated with a an ATM card or a debit, or creditcard, usually with a PIN associated with it.

According to one embodiment of the present invention, an association maybe created between information related to an individual (e.g.,Identifying Details, an ATM, debit or credit card possessed by anindividual), and the PIN number associated with that card, for thepurpose of validating an individual's identity.

According to another embodiment of the current invention, the validationprocess may require that the individual maintain or own the account withthe Transaction provider, underlying the shared secret, more than acertain threshold period of time, and that a minimum number oftransaction have been made utilizing such shared secret. In order tovalidate one's identity an individual may have to not only hold thephysical card, but also the PIN as well as the SSN. The card andassociated PIN used for the validation purposes typically does notbelong to the same institution where a new account or relationshipsought

The strength of such validation may be based on the fact thatindividuals' PINs are highly secure, and are usually not used for thepurpose of authentication (other than in conjunction with a transactionperformed with the associated card).

The linkage can be created in a variety of methods. An applicant (e.g.,Transaction Performer) may be required to posses a card such as adebit/ATM card with an associated PIN for more than a certain thresholdperiod in order to be authenticated using an embodiment of the presentinvention; such time limits need not be required. Individuals may berequired or forced to utilize their “oldest” card (e.g., ATM card) andassociated PIN for the sake of validation, rather than newer cards.Identification items other than bank or credit cards, PINs and socialsecurity numbers may be used.

For example, a user wishing to open a bank account with an institutionthat is a bank may be queried by the bank (via for example a third partyservice, or directly) for an existing bank, credit, or ATM card. It maybe required that the card have been valid for a certain amount of time.The user may be queried for a password or PIN. The bank or third partyservice may check the card and password or PIN via for example theexisting ATM network. The database of the institution that issued theprevious card may be queried to verify that the applicant and card isvalid, and that the card or account has existed for a certain amount oftime.

FIG. 1 depicts an authentication system according to one embodiment ofthe present invention. Referring to FIG. 1, an authentication service100 may coordinate authentication or perform authentication among anumber of institutions 210, 220 and 230. Authentication may be performedon behalf of an applicant 30. An applicant 30 may be an individual, acompany, association, etc. Authentication service 100 may include orhave access to, for example, an identification site 110 which mayinclude, for example, a card reader 120. Alternately, card readers 120may be associated with institutions 210, 220 and 230, and may transmitthe relevant authentication data to the authentication service. Thevarious components may be connected by one or more known communicationssystems 10, including for example, the Internet, telephone lines, datalines such as T1 lines, or other known communications systems usingknown protocols. An applicant 30 may have a physical identifier 32, suchas an ATM or credit card, or another physically embodied form ofidentification or authentication. Authentication service 100 mayinclude, for example, computing systems 120 (including suitableprocessors, controllers, etc.) and/or database systems 130. Databasesystems 130 may include one or more databases, and may be distributedamong various different entities or sites. Database systems 130 mayinclude, for example, information on institutions, such as memberinstitutions and/or institutions that may be contacted to verifyapplicant data (the two sets of institutions may be the same),applicants or customers associated with or using an authenticationservice, specific information required by institutions to verify that anindividual or applicant has a relationship or account with theinstitution, governance or policy information, additional criteriarequirements, which institutions have relationships with applicants,preferred rank of use for querying institutions, length of time ofrelationship of institutions with the applicants, etc. Database systems130 or other functionality may be distributed among institutions usingor forming the authentication service.

Computing systems 120 may include suitable processors or controllers,and may be embodied in or include, for example, personal computersystem(s), distributed systems, mainframes, etc. For example, computingsystems 120 may include software operated on a personal computer whichoperates other software as well.

Institutions 210, 220 and 230 may be entities providing goods orservices or financial transactions or other functions to applicant 30,and may function as for example providers or Transaction Providers.Applicant 30 (which may be referred to as a Transaction Performer) maywish to receive services or other functions from institutions 210, 220and 230, such as for example opening a bank account, securing a loan orline of credit, obtaining a credit card, purchasing services, etc.Depending on the context, institutions 210, 220 and 230 may be, forexample Transaction Providers or Previous Qualifying Providers.

While in one embodiment authentication service 100 is a third partyrelative to the institutions 210, 220 and 230 that use theauthentication service 100, and is physically and organizationallyseparate or distinct from institutions 210, 220 and 230, in anotherembodiment one or more of institutions 210, 220 and 230 may act as orinclude the functionality of authentication service 100. For example, aninstitution among institutions 210, 220 and 230 may incorporateauthentication service 100, or institutions 210, 220 and 230 maycooperate to perform the functions of authentication service 100.

FIG. 2 is a flowchart depicting a method according to an embodiment ofthe present invention. While the embodiment of the invention aspresented in FIG. 1 may be used to practice embodiments of a method ofthe invention, other systems and equipment may be used.

Referring to FIG. 2, in step 400, an applicant contacts a firstinstitution to establish a relationship, for example to perform atransaction. For, example an individual wishes to be issued a new creditcard. Other transactions are possible; for example, the purchase or saleof goods or services, obtaining a loan or credit, etc. Typically, theapplicant has no prior relationship with the institution, and theinstitution wishes to verify the authenticity of the applicant'sidentity, and in addition possibly other information, such as the creditworthiness or other information relating to the applicant.

In step 410, the applicant may provide the institution with anidentifying detail or other item or item(s) of information, such as forexample a name and/or social security number. In one embodiment theinitial information provided by the applicant is not as secret as laterinformation—e.g., a name or social security number may be initiallyprovided, and later (e.g., in step 450), an account number or PIN may beprovided. Other information may be needed or used in step 410 or in step450, for example, a bank account number, password, signature, an answerto a standard authorization question, a CVV or CVV2, the number of abank or credit card, etc.

In step 420, the institution may contact the authentication service,transmitting to the service information it has collected from theapplicant, such as identifying information, name, social securitynumber, or other information. The information may not be transmitted. Inaddition, the information can be verified or checked directly withanother institution. In other embodiments, the authentication service orparts of the functionality of the authentication service may beintegrated with one or more institutions. For example, one or more ofsteps 430-460 may be performed by institutions, for examplecommunicating among themselves, possibly maintaining internal databases,etc. Interaction between the applicant and authentication service orinstitution may be, for example, face to face or point of service, orpossibly remotely, via for example, the Internet.

More than one interaction may be required—for example, after an initialcontact with an institution with which the applicant wishes to establisha relationship, the applicant may be directed to contact anauthentication service. The interaction with the authentication servicemay be at a secure location, such as via a card reader maintained by aninstitution associated with the authentication service or theauthentication service. In one embodiment, the interface between theapplicant and the authentication service may be via institutionsassociated with or in communication with the authentication service. Forexample, an applicant wishing to establish a relationship withinstitution 200 may interface with institution 200, exchanging data withcard readers and personnel at institution 200, and institution 200 maytransfer information to a separate authentication service toauthenticate the applicant.

In step 430, the authentication service, after accepting information onthe applicant and possibly other information, may determine if a secondinstitution (e.g., a Previous Qualifying Provider) has engaged in aprevious transaction with or maintains an existing or past relationship(e.g., a Qualifying Relationship) with the applicant. For example, theauthentication service may determine if the applicant maintains a bankaccount with, has a loan outstanding with, has purchased goods orservices from, another institution.

Typically, the institutions for which the authentication service maydetermine such information are limited to a set of institutionsparticipating in the service provided by the authentication service. Forexample, a group of institutions may form such a service or may joinwith or associate themselves with such a service. It may be possiblethat a set of institutions—e.g., one or more banks—may decide not to useor provide information to the authentication service.

The authentication service (or, e.g., an institution, if suchfunctionality is performed by institutions) may determine whichinstitutions have Qualifying Relationships, or previous or existingrelationships with an applicant by referencing a database, for exampledatabase systems 130, or another database. In another embodiment, theauthentication service may determine such information by queryinginstitutions directly, or in some embodiments by querying the applicantfor a list of possible institutions to contact.

In step 440, the authentication service may determine which among a setof institutions determined to be Previous Qualifying Providers tocontact (wherein set may include one). This may involve, for example,ranking the institutions by certain criteria, such as length of time ofrelationship with the applicant, “strength” of relationship (e.g.,amount of money in transactions), etc. Such a determination need not bemade—for example, the first on a list of institutions maybe contacted.

In step 450, the authentication service may request of the applicant toprovide additional data and/or present physical items, to authenticatethe relationship with the relevant institution, such as the PreviousQualifying Provider or the institution chosen in step 440. Data may be,e.g., a PIN, a password, an account number, a recent transaction number,or an attributed secret associated with the applicant and the relevantinstitution. For example, if a bank is chosen as the relevantinstitution, the applicant may be requested to present the ATM cardassociated with the bank and in addition enter the PIN associated withthe ATM card. Such presentation may be provided, for example, at cardreader 120. Other data may be provided; for example, if a PreviousQualifying Provider is a mutual find company, an account number andpossibly a PIN or recent transaction code may be provided. Theauthentication service may request that the applicant present himself orherself, to provide face to face interaction, or may accommodate suchinteraction if required by the nature of information requested (e.g.,the presentation and use of an ATM card), or if the applicant wishes.Such face to face interaction may be provided, e.g., by theauthentication service itself, by an institution (e.g., a bank)associated with the authentication service, etc.

Which authentication data (e.g., data and/or physical items) theapplicant should present may be pre-set, or may differ and be based onthe specific relevant institution. For example, if a database lookup isused, the database may include in the entry for the institution the setof authentication data required. In an alternative embodiment, theauthentication data may query the relevant institution as to which datato request.

In one embodiment, when an institution wishes to validate an applicant'sidentity, the applicant may provide for example identifying details(e.g., a SSN), his or her ATM or other card, and a PIN. The PINassociated with the card, may be validated via existing infrastructure(such as ATM network, EMV infrastructure or other means). The priorinstitution (e.g., Previous Qualifying Provider) which issued the cardmay examine whether the SSN (or other identifying detail) is correct andwhether this is a qualifying account. This can be carried outface-to-face (by utilizing a terminal connected to the ATM network orother infrastructure), via the Internet, the phone, or at an ATM machineor via other suitable methods.

In some embodiments, the applicant may be required to show not only thathe or she has information as to the existence of the relationship withthe relevant institution, but in addition attributed secret data, suchas passwords or PINs, showing that the applicant is the actual personhaving the relationship. For example, a social security number, accountnumber, or ATM card may be stolen, but it is less likely that apassword, or a combination of data, is stolen. Secondary information,such as an application number provide by a bank, may be requested.Various other data items or combinations of data items may be required.

In step 460, the authentication service may transmit data regarding theapplicant request to the relevant institution (e.g., the secondinstitution), such as the Previous Qualifying Provider. Suchtransmission of information may be performed, for example, viacommunications systems 10. Transmitted information may include, forexample, identification of the applicant and possibly additional dataitems on the applicants, such as an attributed secret data, a PIN, apassword, an account number, etc.

In place of transmitting information to a second institution or aninstitution having some previous relationship with a user, theinformation (e.g., an identification, a password) may be checked againsta database, for example a database kept at an authentication service, orwith a third party.

In step 470, the relevant institution may determine if it has apreexisting relationship with the applicant, and/or whether or not thetransmitted applicant data is valid, and in addition possibly whether ornot the relationship between the institution and applicant are valid.The relevant institution may authenticate the identity of the applicant,for example based on a preexisting applicant relationship. The results(e.g., positive or negative, or more involved results) may be sent tothe authentication service. While in some embodiments, the results maybe used to permit an applicant to establish another relationship, inother embodiments this need not happen. Further, a determination of“positive” or “negative” or other results may take place at anauthentication service.

Various combinations of information may be validated. For example, theinstitution may validate that the account number or ATM card numberprovided is a qualifying number and belongs to an individual with such asocial security number or PIN. An institution may deny that theapplicant is valid because, for example, an account number and/or PINare invalid, an institution may confirm that the applicant has a validrelationship with the institution, the institution may notify theauthentication service that the applicant has or had a relationship withthe institution, but that the applicant is not in good standing, etc.

In step 480, the applicant may be validated, depending on thedetermination in step 470. If the validation is positive, the applicantmay establish a relationship with or be allowed to establish arelationship with the first institution. The validation may beconditional. For example, the relationship with the second institutionvalidated in step 470 may need to exist for a certain period of timebeyond the validation in order that the applicant maintain therelationship requested with the first institution in step 400. Forexample, if it is determined later that an ATM card or an identity usedto establish the relationship with the second institution has beenstolen, the relationship established with the first institution may becancelled.

In step 490, the validation information may be transmitted to the firstinstitution, with which a relationship or transaction is requested.Other operations or series of steps may be used, and the operationsdiscussed above may be performed by entities other than those discussed.For example, a first and second institution may cooperate directly toauthenticate an applicant based on a preexisting relationship betweenthe applicant and the second institution.

In one embodiment, in order for the information held by an institutionsuch as a Previous Qualifying Provider to qualify as validating theidentity of an applicant (e.g., a Transaction Performer), it may need tomeet certain criteria. For example, in order for a debit card and itsassociated PIN, issued by an institution, to qualify for validating theidentity of an applicant, it may be required to have been issued formore than a certain threshold period of time, and to have performed acertain minimum number of transactions, etc. Such additional criterianeed not be used. Such additional criteria may, for example, be specificto the institution seeking to establish the new relationship with theapplicant, or possibly may be part of a governance or policy schemeassociated with the authentication service. Such policies or additionalcriteria requirements may be stored for example at a database associatedwith the authentication service.

An institution (e.g., a new Transaction Provider) wishing to validatethe identity of an applicant may inquire with a provider of anauthentication system, or with the applicant in advance whether thereexists a relationship with a previous institution (e.g., a PreviousQualifying Provider) and for example whether the previous institutionhad for example issued for an ATM card or other suitable physical item,and in addition which has existed for a minimum period of time and/orshows some minimum activity. If a previous institution exists thecurrent institution may force or require the use of this method, askingfor the relevant card, its PIN number and possibly other identifyingdetails, such as a social security number.

In some embodiments, in order to achieve a higher level of security,following a positive validation of an applicant's identity, a check maybe made after a redefine period whether this is indeed a qualifyingaccount and that, for example the account has not been reported to befraudulent or the security of the account has not been breached (e.g.,the relevant ATM card has not been reported as stolen). If the latercheck determines the security has been breached or there is a fraud, theinstitution that had formed the relationship with the individual may bealerted.

During a transaction according to some embodiments of the invention, anapplicant may be required to provide a new secret piece of data (e.g.,secret question/answer pairs, a biometric such as a fingerprint, etc.).In subsequent applications, this new piece of data can be required,possibly in addition to other data (e.g., SSN, identifying details, PIN,etc. This may allow the process and the system to continuously grow instrength in terms of the force of the verification. Once an applicant'sidentity is verified via the system according to one embodiment, theapplicant's future exposure to fraud may be reduced.

In one embodiment, the authentication service (or an entity performingsuch functions) may determine which among several possible preexistingrelationships the user should use for authentication. For example, oneof several bank cards or items of secret information held by a user maybe required for authentication. This may increase security, as afraudulent applicant may have for example stolen a bank card orinformation. In other embodiments, a user may choose.

While certain features of the invention have been illustrated anddescribed herein, many modifications, substitutions, changes, andequivalents will now occur to those skilled in the art. It is,therefore, to be understood that the appended claims are intended tocover all such modifications and changes as fall within the true spiritof the invention.

1. A method comprising: accepting an identification of an applicant anda data item of an applicant; transmitting the identification and thedata item to a second institution; and determining if the applicant hasa preexisting relationship with the second institution.
 2. The method ofclaim 1, wherein the data item is an attributed secret data item.
 3. Themethod of claim 1, wherein the attributed secret data item is an accountnumber.
 4. The method of claim 1, wherein the first institution is abank.
 5. The method of claim 1, comprising, if the determination ispositive, allowing the applicant to establish a relationship with afirst institution.
 6. The method of claim 1, comprising allowing theapplicant to proceed with creating an account at a first institutiononly if the second institution verifies that the applicant has a validpreexisting relationship with the second institution.
 7. The method ofclaim 1, wherein the attributed secret data item is a password.
 8. Themethod of claim 1, wherein the relationship is a transaction.
 9. Themethod of claim 1, wherein the relationship is an account.
 10. Themethod of claim 1, comprising storing a list of second institutions thatmay be contacted to verify applicant data.
 11. The method of claim 1,comprising determining which among a set of institutions may becontacted to verify applicant data.
 12. The method of claim 1,comprising verifying the identity of the applicant based on thedetermination.
 13. A system comprising: a controller to: accept anidentification of an applicant and an additional data item of theapplicant; transmit the identification and the attributed secret dataitem to a second institution; and determine if the applicant has apreexisting relationship with the second institution.
 14. The system ofclaim 13, wherein the controller is to allow the applicant to proceedwith creating an account at a first institution only if the secondinstitution verifies that the applicant has a valid preexistingrelationship with the second institution.
 15. The system of claim 13,wherein the attributed secret data item is a password.
 16. The system ofclaim 13, wherein the first institution is a bank.
 17. The system ofclaim 13, wherein the relationship is a transaction.
 18. The system ofclaim 13, comprising a list of second institutions that may be contactedto verify applicant data.
 19. The system of claim 13, wherein thecontroller is physically separate from the first institution and thesecond institution.
 20. A method comprising: accepting an identificationof an applicant and an attributed secret data item of an applicant; andauthenticating the identity of the applicant based on a preexistingapplicant relationship with an institution.
 21. The method of claim 1,wherein the attributed secret data item is an account number.
 22. Themethod of claim 1, wherein the institution is a bank.
 23. The method ofclaim 1, wherein the attributed secret data item is a password.
 24. Themethod of claim 1, comprising determining which among a set ofinstitutions may be contacted to verify applicant data.
 25. A methodcomprising: accepting an identification of an applicant; determining ifthe applicant has a preexisting relationship with a second institution;and based on the determination, validating the identification of theapplicant for a first institution.
 26. The method of claim 25, whereinthe first institution is a bank.
 27. The method of claim 25, comprisingchoosing one among a set of second institutions to use for a preexistingrelationship determination.
 28. The method of claim 25, comprisingdetermining an item of secret information on which to query theapplicant.
 29. The method of claim 25, comprising, if the determinationis positive, allowing the applicant to establish a relationship with thefirst institution.
 30. The method of claim 25, comprising determining ifthe applicant has a valid preexisting relationship with a secondinstitution.
 31. The method of claim 25, wherein determining if theapplicant has a preexisting relationship with a second institutionincludes at least contacting the second institution.